Data protection regulation

Thank you for your interest in our services. nova-Institut für politische und ökologische Innovation GmbH (“nova-Institute”). takes data security very seriously and has taken organisational and technical measures to ensure that data protection regulations are observed by both our staff and external providers. We would like to inform you of the scope and purpose of the personal data we collect, use and process as well as the rights the data subject through this data protection regulation.

In general, the use of our services is accessible without entering personal information. However, different rules may apply to the use of some of our services accessible via our website. In this context, we collect personal information in accordance with German and European law.

When you order fee-based services from this website, your personal data will be collected and further processed for the purposes detailed hereafter. The relevant data processing operations are under the responsibility of the nova-Institut für politische und ökologische Innovation GmbH, all our servers are hosted in Germany.

How do we protect and safeguard your information?
The collected personal data are stored on the servers owned and operated by nova-Institute and hosted in Germany.
We take numerous technical and organisational measures to ensure the safety of the data processed through this website. The data transfer via internet is, nevertheless, always subject to security risks, so please be aware that complete protection against third-party access to transferred data cannot be assured.

What are personal data?
Personal data is any information that relates to an identified or identifiable natural person (sometimes called data subject), such as name, email address or phone number. Data that does not disclose the identity of a person, such as visitor statistics, are not covered.

Information collected
We only collect data necessary to provide you with the service or product you selected. All data is obtained by the data subject itself via registration process and/or email contact.

Collection of general data and information (Server information)
In connection with your access, data transmitted by your internet browser is collected for security purposes, such as type and version of the browser you use, operating system, websites that linked you to our website, date and time of your visit or IP address. It is needed to deliver the content of our website correctly, ensure the long-term viability of our information technology systems and website technology and provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. This data is not used to identify users, it is anonymised and stored separately from any personal information we might have on an individual. The statistical evaluation of anonymized data records is reserved.

Cookies
We do not use cookies processing personal data on this website.

Profiling
We do not use any form of automated decision making or profiling.

Newsletter
We inform our business partners regularly through mailings about our services, events and offers. However, the mailings require for our partners to subscribe to the newsletter they are interested in and submit a valid email address for delivery. To ensure the safety of your personal data, we use an double-opt-in process. This means that upon registration, a confirmation email will be send to the registered email address. This confirmation email is used to prove whether the owner of the email address as the data subject is authorized to receive the newsletter. During the registration for the newsletter, we also store the IP address of the computer system assigned by the Internet service provider (ISP) and used by the data subject at the time of the registration, as well as the date and time of the registration. The collection of this data is necessary in order to understand the (possible) misuse of the e-mail address of a data subject at a later date, and it therefore serves the aim of the legal protection.
The data collected as part of the registration process is used to deliver the newsletter and, if necessary, about issues concerning the operation of the newsletter service or registration in question, e.g. in case of modifications to the newsletter offer or change of technical circumstances. There will be no transfer of data to third parties. Subscribers can terminate the subscription at any time and revoke the consent to store the data necessary for delivering the newsletter by using the link at the end of every mailing they receive. Alternatively, it is possible to unsubscribe directly at the registration side or using the links in the opt-in email received during the registration process. It is also possible to contact us directly using the information further below.

Who has access to your information and to whom is it disclosed?
Access to all personal data as well as to all information collected is granted only to a defined set of nova-Institute’s staff members. These typically are accounting and selected members of the scientific staff. No third parties are involved.

Third parties!
No personal data is transmitted to other parties.

How long do we keep your data? – Routine erasure and blocking of personal data
We determine the storage period of personal data according to the respective statutory retention period. Personal data is kept for as long as the data is needed for the purpose of storage or as far as it is granted by European and national legislation. The personal data stored by us is routinely blocked or erased if the purpose for storage is no longer applicable or the storage period as prescribed by European and national legislation expires.

How can you verify, modify or delete your information?
The General Data Protection Regulation of the European Union grants certain rights to each data subject, defined in Article 12 to 23, amongst others. In short, you have the right to access your data, the right to rectification, to erasure (right to be forgotten), to restrict or object to processing, to data portability, the right to complain to a supervisory authority and the right to withdraw consent. In case you wish to verify which personal data is stored on your behalf, have it modified, corrected, or deleted, or if you have questions concerning any information processed, or on your rights, please feel free to contact or data protection officer. Please be specific in your request to help us help you.

Legal basis
In general, the legal basis for procession of personal data is Article 6(1) of the General Data Protection Regulation. The provision of personal data is also partly required by law (e.g. tax regulations) or results from contractual provisions (e.g. information on the contractual partner). It also can be necessary to fulfill contractual obligations.

Controller
Controller for the purposes of the General Data Protection Regulation (GDPR), other protection laws applicable in the European Union and other provisions related to data protection is:
nova-Institut für politische und ökologische Innovation GmbH
Chemical Park Knapsack, Building 0611
Industriestrasse 300
50354 Huerth
Germany
contact@nova-institut.de
Tel +49 (0)2233 48 14 40

Data protection officer:
If you have questions or suggestions, you can contact our data proetection officer directly:
dpo@nova-institut.de
Phone +49 (0)2233 4814 58

Changes to the privacy policy
We reserve the right to change this privacy policy at any time, observing the applicable law. The current status is May 2018.